OAuth2 based on TP to build a simple case

Source: Internet
Author: User
Tags autoloader dsn oauth

Reading notes: Understanding OAuth2

OAuth is a delegation of authority ( Authorization ) Open network standards are widely used worldwide, and the current version is 2.0 version. try to build the environment today. Only as a record of learning;

Reference sources:

http://oauth.net/2/

http://bshaffer.github.io/oauth2-server-php-docs/cookbook/

Data Sheet Preparation:

Structure of the----table ' oauth_access_tokens '--create table IF not EXISTS ' oauth_access_tokens ' (' access_token ' text, ' client_id ' Tex T, ' user_id ' text, ' expires ' timestamp not NULL DEFAULT current_timestamp on UPDATE current_timestamp, ' scope ' text) EN Gine=innodb DEFAULT Charset=utf8; The structure of the--------------------------------------------------------------table ' oauth_ Authorization_codes '--create TABLE IF not EXISTS ' oauth_authorization_codes ' (' authorization_code ' text, ' client_id ' te XT, ' user_id ' text, ' Redirect_uri ' text, ' expires ' timestamp not NULL DEFAULT current_timestamp on UPDATE current_times Tamp, ' scope ' text, ' Id_token ' text) engine=innodb DEFAULT Charset=utf8;--------------------------------------------- Structure of the-----------------table ' oauth_clients '--create table IF not EXISTS ' oauth_clients ' (' client_id ' text, ' Client_secret ' t Ext, ' Redirect_uri ' text) engine=innodb DEFAULT Charset=utf8;----Dump the data in the table ' oauth_clients '--insert into ' oauth_clients ' ( ' client_id ', ' client_secret ', ' redirect_Uri ') VALUES (' DemoApp ', ' demopass ', ' http://127.0.0.1/tp/index.php ');-------------------------------------------- Structure of the------------------table ' Oauth_public_keys '--create table IF not EXISTS ' Oauth_public_keys ' (' client_id ' varchar) DEF Ault null, ' public_key ' varchar (8000) default NULL, ' Private_key ' varchar (8000) default NULL, ' Encryption_algorithm ' VA Rchar (+) Default ' RS256 ') engine=innodb default Charset=utf8;----------------------------------------------------- Structure of the---------table ' oauth_refresh_tokens '--create table IF not EXISTS ' oauth_refresh_tokens ' (' refresh_token ' text, ' client _id ' text, ' user_id ' text, ' expires ' timestamp not NULL DEFAULT current_timestamp on UPDATE current_timestamp, ' scope ' Text) Engine=innodb DEFAULT Charset=utf8;--------------------------------------------------------------table's structure ' OAuth _scopes '--create TABLE IF not EXISTS ' oauth_scopes ' (' scope ' text, ' Is_default ' tinyint (1) default NULL) Engine=innodb DEFAULT Charset=utf8;----------------------Structure of the----------------------------------------table ' oauth_users '--create table IF not EXISTS ' oauth_users ' (' username ' Varch AR (255) Not NULL, ' password ' varchar (+) default NULL, ' first_name ' varchar (255) default NULL, ' last_name ' varchar (25 5) Default NULL) Engine=innodb default Charset=utf8;----Indexes for table ' oauth_users '--alter table ' oauth_users ' ADD P Rimary KEY (' username ');

OAuth2 Library Address: https://github.com/bshaffer/oauth2-server-php

Here I put it in the vendor/oauth2;

Authorization Request Class:

<?phpnamespace Api\controller;class Oauth2controller extends \org\oauth2\controller{public function __construct ()    {parent::__construct (); } public Function authorize () {//Validate the authorize request if (! $this->oauth_server->validateauth            Orizerequest ($this->oauth_request, $this->oauth_response)) {$this->oauth_response->send ();        Die }//Print the Authorization code if the user has authorized your client $this->oauth_server->handleauthorizer        Equest ($this->oauth_request, $this->oauth_response, True); This is a if only-so-you get-see your code in the CURL request. Otherwise, we ' d redirect back to the client $code = substr ($this->oauth_response->gethttpheader (' location '),        Strpos ($this->oauth_response->gethttpheader (' location '), ' code= ') + 5, 40);        Echo json_encode ([' Code ' = $code]);    $this->oauth_response->send (); } publicfunction token () {$this->oauth_server->handletokenrequest (\oauth2\request::createfromglobals ())->send (    ); }}

The request encapsulation of the OAuth2 library is placed in: org/oauth2;

<?phpnamespace org\oauth2;class controller{protected $oauth _server;    protected $oauth _storage;    protected $oauth _request;    protected $oauth _response; Public Function __construct () {//autoloading (composer was preferred, but for this example let's just do this)/ /require_once (Vendor_path.        '/oauth2/autoloader.php ');//\oauth2\autoloader::register (); $DSN is the Data Source Name for your database, for exmaple "Mysql:dbname=my_oauth2_db;host=localhost" $this-&gt ; oauth_storage = new \oauth2\storage\pdo (' DSN ' = + C (' DSN '), ' username ' = + C (' username '), ' password ' = C ('        PASSWORD ')); Pass a storage object or array of storage objects to the OAuth2 server class $this->oauth_server = new \oauth        2\server ($this->oauth_storage); Add the "Client Credentials" grant type (it is the simplest of the grant types) $this-&GT;OAUTH_SERVER-&GT;ADDGR Anttype (New \oauth2\granttype\clientcredentials ($thIs->oauth_storage)); Add the "Authorization Code" grant type (this is where the OAuth magic happens) $this-&GT;OAUTH_SERVER-&GT;ADDGR        Anttype (New \oauth2\granttype\authorizationcode ($this->oauth_storage));        $this->oauth_request = \oauth2\request::createfromglobals ();    $this->oauth_response = new \oauth2\response ();    }}<?phpnamespace Org\oauth2;class Resource extends controller{protected $tokenData;        Public Function __construct () {parent::__construct (); Handle a request to a resource and authenticate the access token if (! $this->oauth_server->verifyresourcer            Equest (\oauth2\request::createfromglobals ())) {$this->oauth_server->getresponse ()->send ();        Die    } $this->tokendata = $this->oauth_server->getresourcecontroller ()->gettoken (); }}

  

Test class:

<?phpnamespace Api\controller;class TestController extends \org\oauth2\resource{public    function __construct ( )    {        parent::__construct ();    }    Public function test ()    {        echo json_encode (' success ' = ' = ' = ' message ' = ' "You accessed my apis! '));    }    Public Function GetToken ()    {        echo json_encode ([' token ' = + $this->tokendata]);}    }

Configuration file:

Require_once (Vendor_path. '/oauth2/autoloader.php '); Oauth2\autoloader::register (); return Array (    //' config item ' = ' config value '    autoload_ NAMESPACE ' = = Array (' OAuth2 ' = Vendor_path. ' oauth2/'),//Extension Module list    ' DSN ' = ' mysql:host=localhost;dbname=oauth2 ',    ' USERNAME ' = ' root ',    ' PASSWORD ' = ', ');

  

OAuth2 based on TP to build a simple case

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.